IETF Logo Mail Archive

RE: I-D Action: draft-filsfils-6man-structured-flow-label-00.txt

Ron Bonica <rbonica@juniper.net> Thu, 08 April 2021 22:13 UTC

Return-Path: <rbonica@juniper.net>
X-Original-To: ipv6@ietfa.amsl.com
Delivered-To: ipv6@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id EF4583A1EE7; Thu, 8 Apr 2021 15:13:03 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.8
X-Spam-Level:
X-Spam-Status: No, score=-2.8 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIMWL_WL_HIGH=-0.001, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, RCVD_IN_DNSWL_LOW=-0.7, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=juniper.net header.b=j8Ug9U5J; dkim=pass (1024-bit key) header.d=juniper.net header.b=TtlZ1THX
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id vF6KjkxQQnfS; Thu, 8 Apr 2021 15:12:59 -0700 (PDT)
Received: from mx0b-00273201.pphosted.com (mx0b-00273201.pphosted.com [67.231.152.164]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 5AEFE3A1EE8; Thu, 8 Apr 2021 15:12:59 -0700 (PDT)
Received: from pps.filterd (m0108163.ppops.net [127.0.0.1]) by mx0b-00273201.pphosted.com (8.16.0.43/8.16.0.43) with SMTP id 138M46Dt002533; Thu, 8 Apr 2021 15:12:58 -0700
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=juniper.net; h=from : to : subject : date : message-id : references : in-reply-to : content-type : content-transfer-encoding : mime-version; s=PPS1017; bh=2KUr48rISQhqONetpXOGk8AyNUnutcjtVwJnN9LU7AI=; b=j8Ug9U5J53n/Hh1+CiTjKflUwgnbFQHbPgEBGzIrFDZc6cyUsFfuRc4jBg/EkGFia4+0 0c+Ocp2TgItqCqE76LLM9cpuHXYqCOnD6O58qVl5Jw2DtR/HvgA/jJSQxybPT1Uda0Q2 01rFOlsp8FqNie7LTVqEjsUFTqneNY4vxsIUENJa7peALM42cNEw2pd4f0ikykNlaSME 3kjYDkWgCKZftIYsJpXLzNZo4eLwcx85uqSNdxyYj3vowDNaveaY3eMx08TYAwv52vO4 ouyJQxtZu7rGu1jHumjwrorTuOuYsqkOmTPMO0LXAOmYJW8hANas1xaKKdGIBQ9pT6H9 ug==
Received: from nam12-mw2-obe.outbound.protection.outlook.com (mail-mw2nam12lp2041.outbound.protection.outlook.com [104.47.66.41]) by mx0b-00273201.pphosted.com with ESMTP id 37sxrwhnhw-1 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=NOT); Thu, 08 Apr 2021 15:12:58 -0700
ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=RFjPmkalcba23By5+JfB5WxLvpvlFEsXMs7sFzLAQsrYzcavJuxiqWu8gTZUwyjLZXqW+w7r4Ec7MOzlyKcIKBWaFSMvsBboidwJ+pvesRy3zHAZUfcGGpQxFalfI/xzLTa8L+jeDZUnrphK5eGobO6Zvbex3k1iBcOQS8FG5L+jBn3MCHUxuQlnkYaPHdL76ZWPmU/q58lnsuyIxDcv0ATEQWTyaMsprs2DVO6asVPD63pn+4x6EFa/V6vDG1QWKuHPPDx8I1ymAgxei/3lOBzVh887wgLNr8mV8Ynlpqy/sKBNDidTsGlvxeHPjGjzM3CdiLd9fr0fhV9fGN1HCA==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=2KUr48rISQhqONetpXOGk8AyNUnutcjtVwJnN9LU7AI=; b=kca3DlE7/H7IiQAaH5fDvwj+2EZvZ6TA1lijVdyv7YNYpTsx81RBSvSBtRY6B3Q32j87Zr7/QKwSJWDILdNY1CV5vu9Nz2g2r4FmRXNlwMeDe7oXZV/ZbUeGsEi7xbGuiK0jBhah7yXhLiebWj7qJaARDt34icWkKRhF+4vJgyBBiMDanGYXhl8DYlxM8Aur1/4iFJ7FPpHeZiDyBs5+dE+cOfthhr0WH3k+KaeeYA7JE4YeVjbAjLscsu16MaIvpLPYnhqP6wZFVZo7Z/qSsCekyCJv7tZvt1NH/sY1FXjFEzJqnuYmWPXFsPVCeD8ncYB2Ht0idX3LiR3yf8vxfQ==
ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=juniper.net; dmarc=pass action=none header.from=juniper.net; dkim=pass header.d=juniper.net; arc=none
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=juniper.net; s=selector1; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=2KUr48rISQhqONetpXOGk8AyNUnutcjtVwJnN9LU7AI=; b=TtlZ1THXjnBvcjXYOeDONqfDDXwqPK7kBOaFls08cceGj3pnDFeYMmkXaRPKNPBH0uCwiyPbogCSaMD7ESRaSrlUMx3OGuQ5yxWn2lmKNlg7zHMkIpC48MBKcVRDHg+WEfYW7l5rXZOmbliM7Crx2TauKvcardbg0oB+pdDv0tQ=
Received: from BL0PR05MB5316.namprd05.prod.outlook.com (2603:10b6:208:2f::25) by BLAPR05MB7329.namprd05.prod.outlook.com (2603:10b6:208:29f::10) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.4020.8; Thu, 8 Apr 2021 22:12:56 +0000
Received: from BL0PR05MB5316.namprd05.prod.outlook.com ([fe80::f0a3:d022:d21e:4649]) by BL0PR05MB5316.namprd05.prod.outlook.com ([fe80::f0a3:d022:d21e:4649%6]) with mapi id 15.20.4020.016; Thu, 8 Apr 2021 22:12:55 +0000
From: Ron Bonica <rbonica@juniper.net>
To: "6man@ietf.org" <6man@ietf.org>, "draft-filsfils-6man-structured-flow-label@ietf.org" <draft-filsfils-6man-structured-flow-label@ietf.org>
Subject: RE: I-D Action: draft-filsfils-6man-structured-flow-label-00.txt
Thread-Topic: I-D Action: draft-filsfils-6man-structured-flow-label-00.txt
Thread-Index: AQHXLB2Q30rVSa5hBE25DfH7iq+74aqq4HuQ
Date: Thu, 08 Apr 2021 22:12:55 +0000
Message-ID: <BL0PR05MB53165598411E9CF7B34E89D4AE749@BL0PR05MB5316.namprd05.prod.outlook.com>
References: <161591339002.5771.1047511172491571607@ietfa.amsl.com> <b9ac5db9-58ab-5e23-d00e-886e9e72595e@gmail.com>
In-Reply-To: <b9ac5db9-58ab-5e23-d00e-886e9e72595e@gmail.com>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
dlp-product: dlpe-windows
dlp-version: 11.6.0.76
dlp-reaction: no-action
msip_labels: MSIP_Label_0633b888-ae0d-4341-a75f-06e04137d755_Enabled=true; MSIP_Label_0633b888-ae0d-4341-a75f-06e04137d755_SetDate=2021-04-08T22:12:54Z; MSIP_Label_0633b888-ae0d-4341-a75f-06e04137d755_Method=Standard; MSIP_Label_0633b888-ae0d-4341-a75f-06e04137d755_Name=0633b888-ae0d-4341-a75f-06e04137d755; MSIP_Label_0633b888-ae0d-4341-a75f-06e04137d755_SiteId=bea78b3c-4cdb-4130-854a-1d193232e5f4; MSIP_Label_0633b888-ae0d-4341-a75f-06e04137d755_ActionId=6a43ffb3-897a-4f6e-bf47-a4ea85a311c1; MSIP_Label_0633b888-ae0d-4341-a75f-06e04137d755_ContentBits=2
authentication-results: ietf.org; dkim=none (message not signed) header.d=none;ietf.org; dmarc=none action=none header.from=juniper.net;
x-originating-ip: [173.79.122.226]
x-ms-publictraffictype: Email
x-ms-office365-filtering-correlation-id: 3b1f9f81-479f-4f0d-7a1e-08d8fadb75f8
x-ms-traffictypediagnostic: BLAPR05MB7329:
x-microsoft-antispam-prvs: <BLAPR05MB7329F601E5A0C26E0705DC72AE749@BLAPR05MB7329.namprd05.prod.outlook.com>
x-ms-oob-tlc-oobclassifiers: OLM:10000;
x-ms-exchange-senderadcheck: 1
x-microsoft-antispam: BCL:0;
x-microsoft-antispam-message-info: o3e1VU38f9DmzSPf7vUUBakt5+QL5qc6XyBgt7HkvPuH7GtKYZQB2FjtM51nlVs9KqXTlDmREcPFKV0vsCtVqaARKOBR5v6CJEnyORe6TPVLEFL9gh/oGvAOslir7ZxShBPc27KznyU/M0Xwe1iRrrK5xmvD30hIpCLbX0+tZCALxqk5Tdq5Gmjp94fA1KbT2QAqsOcN5LzzTAzGzKgeOmfndYyqRBKHoeDbJujBH20ROzGq+57ybsD0zieVlCSN0L8lrhV0V//ZwCR+m5uRZ+36Bn44vqUMv98gLX6XWneCtEbacfKLXxslIFRCZXGYJak7L7YXBut7+OlU4JwPIgyhVws8WkXbjXv+CF4Bdaf5qJIT4GDNaTBBc3qDkmIdh1zYLdoG4zlFuuBLqyTRuqznxC1WpptJ0D7JwZXMGSwt3zWqdT+UI/tCDOcQ8UfUUWy4L12Rv8oypthz2oX/t00VpSPiwcqF0K/tV0PybKKnH9ctx8az7rapjGqt663tvoV7/LrRNTnYt6wy0piNPNMQYtl0E9oXg58GPIQnN6g+QGS3YacUfecm4f34nazutv4DSJ56xQwO+Bynml+v/60uaX+QkbTHalormzxHz7k/MZwySly8DvYREw8Jpd6bnwi4XAIl0AEJOp0llyumx9A8sz+uQvBqBA+4iiDB73o=
x-forefront-antispam-report: CIP:255.255.255.255; CTRY:; LANG:en; SCL:1; SRV:; IPV:NLI; SFV:NSPM; H:BL0PR05MB5316.namprd05.prod.outlook.com; PTR:; CAT:NONE; SFS:(4636009)(376002)(136003)(366004)(346002)(396003)(39860400002)(316002)(5660300002)(55016002)(52536014)(186003)(66574015)(8676002)(66946007)(450100002)(2906002)(478600001)(8936002)(76116006)(53546011)(33656002)(6506007)(26005)(66446008)(66476007)(7696005)(38100700001)(66556008)(9686003)(71200400001)(83380400001)(64756008)(110136005)(86362001); DIR:OUT; SFP:1102;
x-ms-exchange-antispam-messagedata: yx3O+3Ca8D+x31PO0H5Fu5QLlkTq9zNnQvHVL2UoVPqsCmBf8FFsvMuv5Yh6JwkNrwEfnVfRzkf7wuWK4c7qomVkkvTl7PqBK9iyd6F0xATFlj7/8ErUEfCLG2m13qxtLyNaG70JoQ6fJ7L9XqsT8/5V4b9/LSp/NDqT3WURZTSzICgEQpH9VMWTgnVxwKI1ltB1RJMZeSN9GVS7DszdB07F4wjZ/Nx/DW/GZCTPbhcRr9tE9IKTDComD0vhkZZ/2aMaJGhXV/8rcIvVqrIdYDvOau5H7kvncXh4tK2ZtkauN2mcDu1sSm9izXG0TGAGEOjeX1Kfv40uJLZp9Uo4blACZRUStNFkPnlCEJ3eijaws8Yz8Lg8S7EXZZJTkT7mKct7ezRz36vErPlw7KvGwX8GT5ososhhfAAbQ0NTp/7bai6we5siTR7F0YtNfXBWay0jvD1UF3UeU6Qcl2QSK9s59C44T/DHzZEE3Doyqex9SkAPTJneVH7biRuugJ5oFqQLJXVToj3CxZAG+2+CI1KSR3XBH0mEopbS/OeftbFIdiiuyf7oBOOERrMf3t9VC1MKbmslnWY5vMiNQFzWW7NKxLkqnynzl8oL3sqokWvh6R6GMn/SKK39VaP1Fuappuvi04sCraXmbdLlKqyxEVaDoNyFtbYlu/e5OoYrbFLdJjeb6U4QpwP9dKquz0VSbVaMWgk8RaD/04dhxg/X7/KP2Xje9KNMKtTGmQRqJeD5yKP/LzxPy6SDX3pcugBV+LYGXQGTiKRO2eqSrx9l2MjGXrTrZDPFtIpOc9AQdTbmSwH07W+mNwbpDC8sbUCmffLR45Ptip7iCCaFkzC1DiXpIu0k46xzJiwlf99FMAFUujTPegyeeQVlIfwvk6YLZ85k8bVWpC5qUre5jd1VvlJITtEE0KI2qNln1IEmp3MXCNljJ3H3wkUPWk04FdYqXPCmeQEbIFVy+uQLNocxBWCvKqQhftOGvmOUSMyMGIZr/Iwyjov+kiKLsmrabGsrCKYWU7G0QoRPqtzAjeyLmGVU/V0A64HHGAcoSzNtrcGGH87hOPvF14LZYN6vAR5Jo0+Ft7cZu3sdLOtw4A1C9NCcrUKKiEvCmN9YOx9IVFaBp4RDOznEry2rp+pzs6RpMlLDwyUnwLBDBH4i1NGcbaeB1hr+ClEuGivM9nTt5EpNRAz6zPT+VCn5sU5+i3igf4ENoHHM1scOOgrmjYBC1hi5/BdALW2Bxlyjj6W5C8oJ6cWUMj4sR/bLyDgGPSiR7X2BVc8XLvY7TL2S0MrBdRPmTX4jM7QTTJ7QdV/jasWizqmXIDwGt2lLPKVTe5wH
x-ms-exchange-transport-forked: True
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: quoted-printable
MIME-Version: 1.0
X-OriginatorOrg: juniper.net
X-MS-Exchange-CrossTenant-AuthAs: Internal
X-MS-Exchange-CrossTenant-AuthSource: BL0PR05MB5316.namprd05.prod.outlook.com
X-MS-Exchange-CrossTenant-Network-Message-Id: 3b1f9f81-479f-4f0d-7a1e-08d8fadb75f8
X-MS-Exchange-CrossTenant-originalarrivaltime: 08 Apr 2021 22:12:55.5366 (UTC)
X-MS-Exchange-CrossTenant-fromentityheader: Hosted
X-MS-Exchange-CrossTenant-id: bea78b3c-4cdb-4130-854a-1d193232e5f4
X-MS-Exchange-CrossTenant-mailboxtype: HOSTED
X-MS-Exchange-CrossTenant-userprincipalname: MFgJXHn2L9nthATx580q42+JD94HflK3LWDhMu9oTzGtuTuHqJ3aW0LbYilDS8r3VH78fzx6vYbHlkNFKXkSPg==
X-MS-Exchange-Transport-CrossTenantHeadersStamped: BLAPR05MB7329
X-Proofpoint-GUID: B31P2QnH-M9bJ8_hgHzSeVHE6bIdLs3-
X-Proofpoint-ORIG-GUID: B31P2QnH-M9bJ8_hgHzSeVHE6bIdLs3-
X-Proofpoint-Virus-Version: vendor=fsecure engine=2.50.10434:6.0.391, 18.0.761 definitions=2021-04-08_10:2021-04-08, 2021-04-08 signatures=0
X-Proofpoint-Spam-Details: rule=outbound_spam_notspam policy=outbound_spam score=0 adultscore=0 priorityscore=1501 clxscore=1011 phishscore=0 bulkscore=0 suspectscore=0 mlxscore=0 spamscore=0 mlxlogscore=999 impostorscore=0 malwarescore=0 lowpriorityscore=0 classifier=spam adjust=0 reason=mlx scancount=1 engine=8.12.0-2104060000 definitions=main-2104080146
Archived-At: <https://mailarchive.ietf.org/arch/msg/ipv6/nY6LdBMX9ehaDDWFW-HoXTOyBQ0>
X-BeenThere: ipv6@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: "IPv6 Maintenance Working Group \(6man\)" <ipv6.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/ipv6>, <mailto:ipv6-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/ipv6/>
List-Post: <mailto:ipv6@ietf.org>
List-Help: <mailto:ipv6-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/ipv6>, <mailto:ipv6-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 08 Apr 2021 22:13:04 -0000

Clarence,

Draft-filsfils-6man-structured-flow-label addresses a real problem. However, it may have issues with regard to backwards compatibility and IPv6 extensibility. Each is addressed below.

Backwards Compatibility
==================== 
In the draft, you divide the flow label into 4 FLC bits and 16 FLE bits. The 4 FLC bits carry per-packet control information and are not used for ECMP load-balancing. The 16 FLE bits are as defined in RFC 6437.

This raises the issue of backwards compatibility. Many legacy devices IPv6 devices use all 20 bits of the flow label as defined in RFC 6437. As you say in  Section 4, this could cause packets belonging to a single flow to be distributed among multiple paths. So, the degree of packet reordering at the ultimate destination node will increase to an unacceptable level.
 
IPv6 Extensibility
============== 

Over the past decade, there have been several proposals that take the following form:

- An IPv6 source node needs to convey some piece of information to every node along the packet's delivery path
- Field X in the IPv6 header is longer than it needs to be
- So, we can borrow a few bits from Field X to convey this information.

This approach is flawed for the following reasons:

- It can cause backwards compatibility issues, as described above
- It only works a few times, until there are no more bits to be borrowed in the base IPv6 header

IPv6 includes a Hop-by-hop Options header. It's purpose is to convey information from the source node to every node along the packet's delivery path. Sadly, it was implemented badly so that it can be used as a DoS vector. Therefore, network operators generally filter it.

A better approach would be:

- to avoid borrowing bits from the IPv6 header
- to use the HBH Option for its intended purpose

This will require rehabilitation of the HBH option. Bob Hinden and Gorry Fairhurst have made a good start towards this goal in draft-hinden-6man-hbh-processing. We vendors will also need to get behind the rehabilitation effort, revising our implementations so that it can no longer be used as a DoS vector. In turn, network operators will also need to get behind the rehabilitation effort.

While this may not be the path of least resistance, it will contribute to the future extensibility of IPv6. Let's do the right thing.

                                                                                                   Ron





On 17-Mar-21 05:49, internet-drafts@ietf.org wrote:
>
> A New Internet-Draft is available from the on-line Internet-Drafts directories.
>
>
>         Title           : Structured Flow Label
>         Authors         : Clarence Filsfils
>                           Ahmed Abdelsalam
>                           Shay Zadok
>                           Xiaohu Xu
>                           Weiqiang Cheng
>                           Daniel Voyer
>                           Pablo Camarillo Garvia
>       Filename        : draft-filsfils-6man-structured-flow-label-00.txt
>       Pages           : 12
>       Date            : 2021-03-16
>


Juniper Business Use Only

v2.43.4 | Report a Bug | By Email | System Status